What is public key cryptography and how does it relate to Bitcoin?

In this post we will take a closer look at the magic of cryptography and how it features in Bitcoin.

Bitcoin begins with public key cryptography

As I've touched on in my previous posts, the Bitcoin protocol is essentially a record of transactions between addresses. For simplicity's sake you can think of an address as being akin to an online bank account. The Bitcoin ledger contains records of the coins that each address has sent and received.

But what actually is an address? To answer that we need public key cryptography, which was published in the 1970s and provides a method for asymmetric encryption and decryption of information.

What on earth does that mean?

Traditional encryption schemes are symmetric, which means that the same key is used to both encrypt and decrypt information. This works fine if you have a mechanism for securely sharing that secret key between the relevant parties, for example in person. However, its utility breaks down if you have no secure method to share it.

An excellent example of this is communication over the internet. If you wish to communicate privately with someone you trust by encrypting your data before sending it to them, how do you let them know the key to decrypt it if you can't meet them in person? In an email? Via a phone call? In the post? Each of those methods is utterly insecure, so the key is likely to be intercepted. The result is that the process is essentially pointless and barely any better than having no encryption in the first place.

Public key cryptography to the rescue.

The genius of public key cryptography is that it utilises two encryption keys. The first key, known as the public key, is used to encrypt information. It can be publicly shared with anyone, for example over the internet.

The second key, known as the private key, is used to decrypt information which has previously been encrypted using the associated public key. This key, as the name implies, should be kept absolutely private.

It is computationally easy to generate a public/private key pair and to derive a public key from a private key. It is however computationally difficult (to the point of impracticality) to derive a private key from a public key.

Let's use an example to illustrate the merit of this approach. James has found a blog online and would like to communicate privately with the author. The author, Ben, has taken the time to list his public key on his blog for exactly this purpose. James takes this public key, uses it to encrypt the message he wants to send to Ben, and then sends the encrypted data by any method he wishes, even over an insecure channel. Ben receives the encrypted message and can use his private key, which only he knows, to decrypt the message and privately read its contents. No party that intercepted the encrypted message would be able to read it without the private key.

This technology now underpins much of the secure communication that happens over the internet. In fact, every time you visit a TLS-enabled (https) website, perhaps to purchase something using a credit card, you are relying on public key cryptography to secure your connection.

So how do public and private keys relate to Bitcoin?

Public key cryptography enables another really useful construct: digital signatures. A person can combine a message and their private key to create a digital signature. This signature can then be shared with a third party, who can use the associated public key to verify that the signature was created by the holder of the private key, without the private key ever being revealed to them. Effectively, this enables a person to prove that they are the owner of a given public key, and that proof can be trusted beyond doubt.

When you run Bitcoin software, the first step is to generate a public/private key pair.

The public key becomes the Bitcoin address we referenced above. This address can be freely shared with people, who can then use it to send you coins in a transaction. Addresses are ultimately just long numbers, but they are encoded as alphanumeric strings that look similar to this:

1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2

The associated private key should be kept entirely secret. As the holder of a private key, you are able to sign transactions (i.e. create a digital signature) which prove that you are the owner of a given address. This allows you to spend the Bitcoins stored at that address by sending them to another address. Private keys are even longer than public keys and are typically displayed in Base58 format, looking similar to this:

5Kb8kLf9zgWQnogidDA76MzPL6TsZZY36hWXMssSzNydYXYB9KF

So what is a Bitcoin wallet?

A wallet in this context refers to a digital file generated by Bitcoin software. All the wallet actually contains is a list of generated private keys, which provide control over the public keys (addresses) associated with those private keys.

A common misconception about Bitcoin is that your wallet somehow contains Bitcoins directly. It doesn't; those Bitcoins exist on the distributed ledger. Your wallet file just contains the private keys which allow you to prove that you own the associated addresses, and therefore allow you to actually spend any coins held at those addresses.

The software will typically allow you to enter a password to encrypt your wallet file. Then, whenever you wish to create a transaction using one of your addresses, you open your wallet using the password you set up, and the software will have access to each of the contained private keys to digitally sign your desired transactions.

If you lose access to the wallet, you have effectively lost access to your private keys and your Bitcoins are lost forever.

No one will be able to retrieve them for you due to the strong nature of encryption. I will cover how to secure your coins in a later post, but for now please remember that you absolutely must keep secure backups of your wallet file and maintain offline records of your password.